Credentials
NACD Directorship Certified™
The premier designation for directors in the United States
Trending Oversight Topics
Governance Surveys
Center for Inclusive Governance
Questionnaire
02/22/2019
In brief: Originally appearing in Director Essentials: Strengthening Risk Oversight, this questionnaire includes key questions about eight risk oversight practices to stimulate board discussion and enhance the board’s understanding of the organization’s risk management activities.
This resource can help your board
Clarify the roles of the board, management, and committees
Understand the company’s risk profile
Define the company’s risk appetite
Integrate strategy, risk, and performance discussions
Access risk culture
Most relevant audiences: audit committee members, risk committee members, and chief risk officers
The following questions align with the common risk oversight practices identified in Director Essentials: Strengthening Risk Oversight.
These questions help drive dialogue with management and obtain a robust understanding of the effectiveness of risk management activities throughout the organization. This list incorporates questions from the Report of the NACD Blue Ribbon Commission on Risk Governance.
Clarify the Roles of the Board, Committees, and Management
Is there a common understanding among management, the board, and board committees about their respective roles, responsibilities, and accountabilities on strategy? For example, is the board and are the appropriate committees meeting regularly with a CRO? If there is a
CRO, has the board ensured that the CRO and general counsel have adequate resources and appropriate reporting lines to bring any changes in material risks to the board’s attention?
Are risk oversight activities clearly differentiated between the board and its committees, and among the various committees?
Does the board have the appropriate committee structure for its significant oversight obligations in the risk area?
How specifically are our board committees engaged in risk oversight? For example, how is our audit and/or risk committee discussing risk controls, risk assessment policies, and risk management polices? (Section 303A, NYSE Listing Manual.) How does the compensation committee evaluate potential risks in
executive pay plans and in the company’s pay philosophy overall?
How does the nominating and governance committee factor risk and strategy considerations into board succession planning and director recruitment needs?
What is the threshold for risk-related reporting to the board (e.g., categories of risk, specific issues or incidents)? What situations may call for greater board engagement (e.g., perceived management failure to disclose or address a critical risk)? Do we have a protocol that defines these situations?
NACD Directors SummitTM
NEW: Bill Gates Takes the Mainstage Virtually